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Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

Responsive to communication(s) filed on 20 October 2005 . 
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10)^3 The drawing(s) filed on 05 March 2002 is/are: a)^ accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 
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DETAILED ACTION 
Acknowledgement of Papers 

1 . This office action is in response to all papers sent and received as of the 20 th of 
October 2005. 

Priority 

2. The examiner notes that there is no claim of benefit to priority with regards to the 
present application. 

Information Disclosure Statement 

3. All Information Disclosure Statements (IDS) received before completion of this 
office action have been reviewed and considered. A signed copy has been enclosed 
with this action for your records. Specifically including IDS filed on: 05/10/2002, 
01/27/2003, 05/12/2003, 08/08/2003, 04/19/2004, and 10/20/2005. 



Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

5. Claims 1 , 5-14 rejected under 35 U.S.C. 102(e) as being anticipates by Carter et 



al. (Carter). 
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6. As per claim 1 , Carter anticipates, a method of providing secure access to a 
service on a service web server comprising: 

(a) providing a first user access to a label service on a permission web 
server (Figure 2.200-214, Column 7, Lines 37-47, "DDP"); 

(b) allowing said first user to determine, using the label service, a label 
related to said service (Figure 2.216, 220, Column 8, Second and Third paragraph, 
"DDP", "deputies"); 

(c) creating a first (Figure 2.216-222, Column 8, starting second 
paragraph, "DDP", "deputies") permission link at said permission web server, wherein 
said first permission link comprises the label and a digital signature of the permission 
web server; 

(d) providing said first permission link to said first user (Figure 2.222, 
"Credential Response"); 

(e) receiving (Figure 8, "receiving") at the service web server from a 
second user a permission comprising the first (Figure 6, "Deputy Credential") 
permission link and a second permission link (Figure 7, "Deputized Function"), wherein 
said second permission link is created by said first user and comprises a digital 
signature of the first user; 

(f) verifying (Figure 8.826, "Authenticate Deputy") the digital signatures in 
the permission; 
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(g) providing the second user access to the service if an analysis of the 
permission produces a positive result (Column 12, Lines 32-39, "Authenticating", 
"credentials"). 

7. As per claim 5, Carter anticipates, the method of claim 1 wherein said permission 
and service web servers are the same (Column 6, Lines 60-69, "server"). 

8. As per claim 6, Carter anticipates, the method of claim 1 wherein the first and 
second users are the same (Column 7, Lines 50-55, "user task"). 

9. As per claim 7, Carter anticipates, a method of providing secure access to a 
service on a service web server comprising: 

(a) providing a first user access to a label service (Figure 2.200-214, 
Column 7, Lines 37-47, "DDP") on a label web server; 

(b) allowing said first user to determine, using the label service, a label 
(Figure 2.216-222, Column 8, starting second paragraph, "DDP", "deputies") related to 
said service; 

(c) providing said label to said first user (Figure 2.216-222, Column 8, 
starting second paragraph, "DDP", "deputies"); 

(d) receiving (Figure 8, "receiving") at the service web server from a 
second user a permission, wherein said permission is created by said first user and 
comprises a digital signature of the first user and the label; 

(e) verifying (Figure 8.826, "Authenticate Deputy") the digital signature in 
the permission; and 
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(f) providing access (Column 12, Lines 32-39, "Authenticating", 
"credentials") to the service to the second user if an analysis of the permission produces 
a positive result. 

10. As per claim 8, Carter anticipates, the method of claim 7 further comprising: (g) 
before step (f), verifying that the first user had authority (Column 10, Lines 12-20) to 
delegate access to the service. 

11. As per claim 9, Carter anticipates, the method of claim 8 wherein step (f) is 
performed using an access control list (Column 10, Lines 12-20). 

12. As per claim 10, Carter anticipates, a method of providing secure access to a 
service on a service web server comprising: 

13. (a) providing a first user access to a label service on a permission web server 
(Figure 2.200-214, Column 7, Lines 37-47, "DDP"); 

14. (b) allowing said first user to determine, using the label service, a label related 
(Figure 2.216, 220, Column 8, Second and Third paragraph, "DDP", "deputies") to said 
sen/ice; 

15. (c) creating (Figure 2.216-222, Column 8, starting second paragraph, "DDP", 
"deputies") a first permission link at said permission web server, wherein said first 
permission link comprises the label and a digital signature of the permission web server; 

16. (d) providing said first permission link to said first user (Figure 2.222, "Credential 
Response"); 

17. (e) receiving (Figure 8, "receiving") at the service web server from a subsequent 
user a subsequent permission, wherein said subsequent permission comprises the first 
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permission (Figure 6, "Deputy Credential") link, a second permission link (Figure 7, 
"Deputized Function") comprising a digital signature of the first user, and at least one 
intervening permission link comprising a digital signature of at least one intervening 
user; 

18. (f) verifying (Figure 8.826, "Authenticate Deputy") the digital signature of the 
permission web server, the digital signature of the first user and each digital signature of 
each intervening user in the subsequent permission; and 

19. (g) providing (Column 12, Lines 32-39, "Authenticating", "credentials") the 
subsequent user access to the service if an analysis of the subsequent permission 
produces a positive result. 

20. As per claim 1 1 , Carter anticipates, the method of claim 1 , 7, or 10 wherein the 
label comprises a URL for identifying the service (Column 10, Lines 5-9, "Uniform 
Resource Locator"). 

21 . As per claim 12, Carter anticipates, a system for providing secure access to a 
service on a service web server comprising: 

a permission web server (Figure 2.200-214, Column 7, Lines 37-47, 
"DDP") that maintains a label service and allows a first user to determine, using the 
label service, a label related to the service; that creates a first permission link, wherein 
said first permission link comprises the label and a digital signature of the permission 
web server; and that provides the first permission link to the first user; and 

the service web server (Figure 2.200-214, Column 7, Lines 37-47, "DDP") 
that receives from a second user a permission comprising the first permission link 
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(Figure 6, "Deputy Credential") and a second permission link (Figure 7, "Deputized 
Function"), wherein said second permission link is created by said first user and 
comprises a digital signature of the first user (Figure 2.216, 220, Column 8, Second and 
Third paragraph, "DDP", "deputies"); that verifies (Figure 8.826, "Authenticate Deputy") 
the digital signatures in the permission; and that provides the second user access 
(Column 12, Lines 32-39, "Authenticating", "credentials") to the service if an analysis of 
the permission produces a positive result. 

22. As per claim 13, Carter anticipates, a system for providing secure access to a 
service on a service web server comprising: 

a permission web server (Figure 2.200-214, Column 7, Lines 37-47, 
"DDP") that maintains a label service and that allows a first user to determine, using the 
label service, a label (Figure 2.216-222, Column 8, starting second paragraph, "DDP", 
"deputies") related to the service; and that provides the label to the first user (Figure 
2.222, "Credential Response"); and 

the service web server that receives from a second user a permission, 
wherein said permission is created by the first user (Figure 6, "Deputy Credential") and 
comprises a digital signature of the first user and the label; that verifies (Column 12, 
Lines 32-39, "Authenticating", "credentials") the digital signature in the permission; and 
that provides the second user access to the service if an analysis of the permission 
produces a positive result. 

23. As per claim 14, Carter anticipates, a system for providing secure access to a 
service on a service web server comprising: 
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a permission web server (Figure 2.200-214, Column 7, Lines 37-47, 
"DDP") that maintains a label service and allows a first user to determine, using the 
label service, a label (Figure 2.216-222, Column 8, starting second paragraph, "DDP", 
"deputies") related to said service; that creates a (Figure 2.222, "Credential Response") 
first permission link, wherein the first permission link comprises (Figure 6, "Deputy 
Credential") the label and a digital signature of the permission web server; and that 
provides the first permission link to the first user; and 

the service web server that receives (Figure 8, "receiving") from a 
subsequent user a subsequent permission, wherein said subsequent permission 
comprises the first permission link (Figure 6, "Deputy Credential"), a second permission 
link (Figure 7, "Deputized Function") comprising a digital signature of the first user, and 
at least one intervening permission link comprising a digital signature of at least one 
intervening user; that verifies (Figure 8.826, "Authenticate Deputy") the digital signature 
of the permission web server, the digital signature of the first user and each digital 
signature of each intervening user in the subsequent permission; and that provides the 
subsequent user access (Column 12, Lines 32-39, "Authenticating", "credentials") to the 
service if an analysis of the subsequent permission produces a positive result. 

Claim Rejections • 35 USC § 103 

24. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
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invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

25. Claims 2-4 are rejected under 35 U.S.C. 103(a) as being obvious over Carter et 
al. (Carter) in view of Shteyn. 

26. Carter discloses the method of claim 1 where said first use transmits said 
permission to said second user (Carter: Figure 2.22). 

27. Carter does not expressly disclose the use of electronic mail, instant messaging, 
or a personal area network for said transmission. 

28. Shteyn discloses ubiquitous information access through using electronic mail, 
instant messaging, or a personal area network (Shteyn: Column 1, Lines 24-39). 

29. Carter and Shteyn are analogous art because they are from the similar problem 
solving area of information access. 

30. At the time of invention it would have been obvious to a person of ordinary skill in 
the art to use electronic mail, instant messaging, or a personal area network to transmit 
the permission. 

31 . The motivation for doing so would have been to enable said user access to as 
much information as possible (Shteyn: Column 1, Lines 24-39). 

32. Therefore, it would have been obvious to combine Carter with Shteyn for the 
benefit of increased access of information and easy of use to obtain the invention as 
specified in claims 2-4. 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Nathan D. Hast whose telephone number is (571) 272- 
6558. The examiner can normally be reached on M-F 8:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on (571) 272-3795. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



Nathan D. Hast 
Examiner 
Art Unit 21 36 




